Top Scams to Look Out for in 2017!
2016 was a quite a year, there were many E-Mail scams, nasty malware, and other phishing attacks. We believe that computer based phishing scams accounted for over 70% of all socially based scams. (Phone scams were popular as well!!)
If 2017 is anything like 2016 was, then we all need to be on the lookout for hackers and their tricks!! Here are a few of the latest scams that we at CFL Technology Source feel you should be watching for:
If you are unaware of exactly what ransomware is, here is an example:
Perhaps one day you’re on your computer browsing the internet and a warning pops up, claiming to be from the FBI.
When you click anywhere on the warning, it downloads the malware encryption program onto your computer. This program will encrypt all of your files, making them inaccessible. The hacker then offers to unencrypt the files for a hefty fee.
Another variation is the fake UPS/Fedex tracking E-mail. You receive a package tracking number for a delivery you are not expecting. When you click on the tracking number, it downloads the malware encryption program onto your computer. If you are in any way unsure of the validity of the E-Mail, do NOT click the link included in the E-Mail, instead manually open the web browser and enter the web address of the site directly into the browser and click on tracking.
These are just a few examples, there are many different ways you can be infected with ransomware. Often It is contained in an email link appearing to be coupons, a free offering of some sort, etc. But when you open it, it installs software that takes over your computer and encrypts the hard drive.
3. Account locked e-mail.
A legitimate looking email arrived from a bank, Paypal, or other service, warning you that that your account is locked, and you need to re-set your password. By entering your password, you have just given your credentials to the hacker. If you are in any way unsure of the validity of the e-mail, do NOT click the link included in the E-Mail, instead manually open the web browser and enter the web address of the site directly into the browser and test your password.
Always be wary of any unsolicited E-Mail requesting (or sometimes even demanding) personal info such as passwords or social security numbers as these are often hackers trying to steal your account access credentials and gain unauthorized access to your accounts.
4. The IRS Phone scam
From now to the end of tax season, hackers will call their targets from a phone with a fake number showing on the caller id. The fake number will most likely be from the Washington, D.C. area, and the caller will claim that they are calling from the IRS. The hacker will have already gathered a lot of information about their target; most likely the information was purchased on the Dark Web from another hacker who got the information from a data breach.
Usually, they’ll claim that an old tax return has accrued late debt, usually in the amount of $2,000-$5,000. They won’t ask for large amounts of money, instead, they prefer to ask for a reasonable amount that their victim will be more likely to pay. If the target takes the bait, the hacker will say that bank transfers and credit card payments aren’t accepted and that the only form of payment possible is a money transfer through a service similar to Western Union (though it will most likely not be Western Union itself) that is nonrefundable and non-traceable.
It is important to note the following excerpts from the IRS Website:
“Note that the IRS will never:
• Call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail you a bill if you owe any taxes.
• Threaten to immediately bring in local police or other law-enforcement groups to have you arrested for not paying.
• Demand that you pay taxes without giving you the opportunity to question or appeal the amount they say you owe.
• Ask for credit or debit card numbers over the phone.”
“REMEMBER: The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. In addition, IRS does not threaten taxpayers with lawsuits, imprisonment or other enforcement action. Being able to recognize these telltale signs of a phishing or tax scam could save you from becoming a victim.”
5. Business Email Compromise scams
The hacker aims to access an email account and obtain financial data stored there. They’re looking for bank statements, login info and other financial data like verifications of wire transfers or payments in and out of accounts.
Occasionally they’ll attempt to gain access to an email account by sending the victim a document containing malware. If opened, the malware infects the computer which allows the attacker to browse remotely.
In another variation of the scam, a CEO or other higher-up’s email is compromised. The hacker then impersonates him or her and sends an email to the head of finance, saying something along the lines of , “I’ll be out of the country for the next week, but we need to make a wire transfer ASAP to this account #XXX-XXXX”. This practice is very common in large companies where a lot of traveling takes place and employees are not very familiar with their employers. It takes advantage of authority under the assumption that an employee won’t disobey orders.
“Social engineering in general isn’t about how smart technically you are,” says Michele Fincher, chief operating officer of Social Engineer, “It’s about what connects you to others, what makes you curious and angry and what might make you act without thinking”.
In conclusion, we all need to be smart when conducting our everyday activities on our devices. No matter how complex your password may be, or how legitimate an email may seem, there is always the chance that is a scam! We at CFL Technology Source can assist with network security and comprehensive data backup solutions that can help to reduce the threat to data security caused by hacking and malware.
Please contact us today for more information